Newsletters: Newsbites

SANS NewsBites is a semiweekly high-level executive summary of the most important news articles that have been published on computer security during the last week. Each news item is very briefly summarized and includes a reference on the web for detailed information, if possible.

Spend five minutes per week to keep up with the high-level perspective of all the latest security news. New issues are delivered free every Tuesday and Friday.

Volume XVI - Issue #95

December 02, 2014

Good news for veterans and current military members building their cybersecurity careers: SANS' graduate programs are now eligible for GI Bill funding. With both Security Essentials (401) and Hacker Exploits (504) in Annapolis, February is a terrific time to begin either the master's program or any of the shorter graduate certificate programs, especially since the associated housing stipend more than covers any cost of travel. Best web link: www.sans.edu/veterans

STORM CENTER TECH CORNER

Sponsored By AlienVault

The Bash Vulnerability: Practical Tips to Secure your Environment: Wednesday, December 10 at 1:00 PM EST - with Victor Obando, Garrett Gross. Join us for a live demo covering: insights on how attackers are exploiting this vulnerability, practical tips to minimize your exposure to attack, and how AlienVault USM can detect the bash vulnerability and alert you of active attacks. http://www.sans.org/info/172492

Lists of top vulnerabilities to look for and address are helpful, but only when used as part of a larger overall strategy. Each organization needs to use the list to complement its own risk assessment practices.

-http://www.zdnet.com/infosec-checklists-becoming-common-but-theyre-not-magic-7000036219/

[Editor's Note (Pescatore): Did you ever sit in an airplane awaiting takeoff and see the pilots going through their pre-flight checklist? They don't do that *instead of* learning how to be good pilots, they do that to make sure they focus on the things most likely to lead to the plane crashing during takeoff. Technically detailed checklists, like the Critical Security Controls, provide that same level of focus and prioritization - something most compliance regimes lack.]

Plea Agreement for Man Who Scanned County Website (November 26, 2014)

A man believed to have ties to the Anonymous collective recently reached a plea agreement with prosecutors over charges stemming from scanning a county website for vulnerabilities and launching brute force password attacks to access the site. Fidel Salinas pleaded guilty to misdemeanor computer fraud and abuse and agreed to pay US $10,000 in restitution. Several months ago, Salinas was facing 44 felony counts, which could have led to a sentence of 440 years in prison. Those charges have been dismissed. Salinas's attorney maintains that those charges were made to intimidate his client. Salinas now faces a maximum prison sentence of one year.

-http://www.wired.com/2014/11/from-440-years-to-misdemeanor/

-http://www.theregister.co.uk/2014/11/27/hacker_dodges_half_a_millennium_in_cooler_for_scanning_sites/

[Editor's Note (Murray): Mandatory sentencing guidelines place discretion into the hands of prosecutors that heretofore was in the hands of judges. They are frequently used to bully defendants into copping a plea. However, one of the claims made for them by prosecutors is that they are used to force defendants to give up their accomplices. If it worked in this case, it is unlikely that any party to the agreement would be in a position to say so.]

John Pescatore was Vice President at Gartner Inc. for fourteen years. He became a director of the SANS Institute in 2013. He has worked in computer and network security since 1978 including time at the NSA and the U.S. Secret Service.

Shawn Henry recently retired as FBI Executive Assistant Director responsible for all criminal and cyber programs and investigations worldwide, as well as international operations and the FBI's critical incident response. He is now president of CrowdStrike Services.

Stephen Northcutt teaches advanced courses in cyber security management; he founded the GIAC certification and was the founding President of STI, the premier skills-based cyber security graduate school, www.sans.edu.

Dr. Johannes Ullrich is Chief Technology Officer of the Internet Storm Center and Dean of the Faculty of the graduate school at the SANS Technology Institute.

Ed Skoudis is co-founder of CounterHack, the nation's top producer of cyber ranges, simulations, and competitive challenges, now used from high schools to the Air Force. He is also author and lead instructor of the SANS Hacker Exploits and Incident Handling course, and Penetration Testing course.

Michael Assante was Vice President and Chief Security Officer at NERC, led a key control systems group at Idaho National Labs, and was American Electric Power's CSO. He now leads the global cyber skills development program at SANS for power, oil & gas and other critical infrastructure industries.

Mark Weatherford is a Principal at The Chertoff Group and the former Deputy Under Secretary of Cybersecurity at the US Department of Homeland Security.

William Hugh Murray is an executive consultant and trainer in Information Assurance and Associate Professor at the Naval Postgraduate School.

Sean McBride is Director of Analysis and co-founder of Critical Intelligence, and, while at Idaho National Laboratory, he initiated the situational awareness effort that became the ICS-CERT.

Rob Lee is the SANS Institute's top forensics instructor and director of the digital forensics and incident response research and education program at SANS (computer-forensics.sans.org).

Tom Liston is a Senior Security Consultant and Malware Analyst for InGuardians, a handler for the SANS Institute's Internet Storm Center, and co-author of the book Counter Hack Reloaded.

Dr. Eric Cole is an instructor, author and fellow with The SANS Institute. He has written five books, including Insider Threat, and he is a founder with Secure Anchor Consulting.

Mason Brown is one of a very small number of people in the information security field who have held a top management position in a Fortune 50 company (Alcoa). He leads SANS' efforts to raise the bar in cybersecurity education around the world.

David Hoelzer is the director of research & principal examiner for Enclave Forensics and a senior fellow with the SANS Technology Institute.

Gal Shpantzer is a trusted advisor to CSOs of large corporations, technology startups, Ivy League universities and non-profits specializing in critical infrastructure protection. Gal created the Security Outliers project in 2009, focusing on the role of culture in risk management outcomes, and contributes to the Infosec Burnout project.

Alan Paller is director of research at the SANS Institute.

Brian Honan is an independent security consultant based in Dublin, Ireland.

David Turley is SANS operations manager and serves as production manager and final editor on SANS NewsBites.

Please feel free to share this with interested parties via email, but no posting is allowed on web sites. For a free subscription (and for free posters), or to update a current subscription, visit http://portal.sans.org/